Often, it is desirable for two computers to securely communicate with each other over a public network. This may be accomplished using asymmetric encryption when operating within a public key infrastructure (PKI). Thus, one computer may obtain a public key for the second computer from a signed certificate provided by a certifying authority, which it may then use to encrypt a communication destined for the second computer. The second computer may also obtain a certificate for the first computer in order to communicate in the reverse direction. In some arrangements, the first computer includes a symmetric key within the original encrypted communication sent to the second computer so that symmetric encryption may subsequently be used between the computers.
In other arrangements, a pre-shared key may be used by both computers in order to engage in symmetric encryption. The pre-shared key may be initially assigned to both computers, or the pre-shared key may be communicated via an out-of-band communications channel, such as by telephone or courier.